<?php 
session_start();
if (!isset($_SESSION['Username'])) {
                header("location:login.php");
        }
 ?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Inventory</title>
<link href="css/default.css" rel="stylesheet" type="text/css" />
<?php include('includes/path.php'); ?>

</head>

<body class="oneColFixCtrHdr">
<div id="container">
<?php include( 'includes/header.php' ); ?>
<?php include( 'includes/menu.php' ); ?>
<?php include( 'includes/status.php' ); ?>

  <div id="mainContent">

<h1><center>Order Complete</center></h1>

<?php 
  // This file inserts the following
  // variables: USER, PASS, DB
	if ( $_POST['quant'] == "") {  header("location:manager.php"); }   

?>
<?php
    include('db.php');
    $CON = mysql_connect( $HOST, $USER, $PASS );
    if (!$CON)
          {
                  die('Could not connect: ' . mysql_error());
          }
    mysql_select_db( $DB );

    $MyQry = "SELECT Users.user_id FROM Users WHERE '$username' = Users.login";
    $fetcheduser = mysql_query($MyQry) or die($MyQry."<br/><br/>".mysql_error());;
    $row = mysql_fetch_assoc($fetcheduser);
    $myuser = $row['user_id'];



    $e = $_POST['quant'];
    foreach ($_POST['finishgood_list'] as $parts)
  {
        $y = rand();
        $sql="INSERT INTO Order_Requests(request_id, part_id, user_id, quantity, date) VALUES ('$y','$parts','$myuser','$e',now())";
        mysql_query($sql);
  }

    mysql_close($CON);

    echo "<p><center>Your order for the parts is now pending. Please wait for a manager to approve the order.</center></p>";
?>

 <!-- end #mainContent --></div>
<?php include('includes/footer.php'); ?>
<!-- end #container --></div>
</body>
</html>
